Thread Links			Date Links
Thread Prev	Thread Next	Thread Index	Date Prev	Date Next	Date Index

Re: [STDS-802-11-TGBH] ID encoding in pre-schemes

To: STDS-802-11-TGBH@xxxxxxxxxxxxxxxxx
Subject: Re: [STDS-802-11-TGBH] ID encoding in pre-schemes
From: "Harkins, Dan" <daniel.harkins@xxxxxxx>
Date: Wed, 16 Nov 2022 07:57:51 +0000

I like this approach. I would suggest using A2 as AAD in the HPKE wrapping instead of including it in the keyed hash as part of the body of the data being wrapped. In fact, it might make sense to bind some more of the header into AAD.

HPKE does a one-way wrapping to a public key-- that is, it's not a bi-directional security association-- but it also includes a secret export capability from the state created by the single-shot operation. This secret export could be used to possibly protect a response from the AP, imagine possibly FTM or some pre-association interaction like that.

One request (and this gets back to my comment to Graham today) is to describe the impact on the AP this approach has. Are there DOS considerations?

regards,

Dan.

--
"the object of life is not to be on the side of the majority, but to
escape finding oneself in the ranks of the insane." – Marcus Aurelius

On 11/15/22, 11:14 PM, "Jouni Malinen" <jkmalinen@xxxxxxxxx> wrote:

Based on the discussion today, I prepared a document to provide some
more detail for an alternative mechanism of encoding ID information
for pre-association use cases (i.e., something that does not use the
MAC address field in the frame header). I posted an initial draft (*)
of that if someone wants to review it before the next slot where I'm
hoping to get agenda time to go through the presentation. Please let
me know if you have any questions or comments on the contents and in
particular, if you would like something to be changed or added before
the presentation.

(*) https://mentor.ieee.org/802.11/dcn/22/11-22-2013-00-00bh-id-encoding-in-pre-schemes.pptx

- Jouni

________________________________________________________________________
To unsubscribe from the STDS-802-11-TGBH list, click the following link: https://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-TGBH&A=1

Follow-Ups:
- Re: [STDS-802-11-TGBH] ID encoding in pre-schemes
  - From: Jouni Malinen

References:
- [STDS-802-11-TGBH] ID encoding in pre-schemes
  - From: Jouni Malinen

Prev by Date: Re: [STDS-802-11-TGBH] ID encoding in pre-schemes
Next by Date: [STDS-802-11-TGBH] ID encoding in pre-schemes
Previous by thread: [STDS-802-11-TGBH] ID encoding in pre-schemes
Next by thread: Re: [STDS-802-11-TGBH] ID encoding in pre-schemes
Index(es):
- Date
- Thread